Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/07/15 12:0 a.m.10 views

WordPress CM Email Registration Blacklist and Whitelist Plugin < 1.4.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software CM Email Registration Blacklist and Whitelist Type Plugin Vulnerable versions 1.4.9 Fixed in 1.4.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5167 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 352ac64ce637...

8.1CVSS6.7AI score0.00298EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2024/07/13 8:49 a.m.6 views

CVE-2024-5167

creationtimestamp| type| source ---|---|--- 2024-07-13 08:49:44+00:00| seen| https://t.me/cvedetector/806...

8.1CVSS4.8AI score0.00298EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/13 6:0 a.m.12 views

CVE-2024-5167 CM Email Registration Blacklist and Whitelist < 1.4.9 - Add/Delete Emails via CSRF Add and delete any item from blacklist/whitelist

The CM Email Registration Blacklist and Whitelist WordPress plugin before 1.4.9 does not have CSRF check when adding or deleting an item from the blacklist or whitelist, which could allow attackers to make a logged in admin add or delete settings from the blacklist or whitelist menu via a CSRF...

6.8AI score0.00298EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/13 6:0 a.m.29 views

CVE-2024-5167 CM Email Registration Blacklist and Whitelist < 1.4.9 - Add/Delete Emails via CSRF Add and delete any item from blacklist/whitelist

The CM Email Registration Blacklist and Whitelist WordPress plugin before 1.4.9 does not have CSRF check when adding or deleting an item from the blacklist or whitelist, which could allow attackers to make a logged in admin add or delete settings from the blacklist or whitelist menu via a CSRF...

0.00298EPSS
Exploits1References1
Rows per page
Query Builder